pkg/48825: rc.d script of pkgsrc/security/openssh not support ed25519

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/48825: rc.d script of pkgsrc/security/openssh not support ed25519
From: fukachan%fml.org@localhost
Date: Wed, 21 May 2014 05:35:00 +0000 (UTC)

>Number:         48825
>Category:       pkg
>Synopsis:       rc.d script of pkgsrc/security/openssh not support ed25519
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed May 21 05:35:00 +0000 2014
>Originator:     Ken'ichi Fukamachi
>Release:        NetBSD 5.2_STABLE
>Organization:
fml.org
>Environment:
        System: NetBSD example.fml.org 5.2_STABLE NetBSD 5.2_STABLE 
(HOME_SERVER) #0: Sun Mar 2 12:04:31 JST 2014 
fukachan%example.fml.org@localhost:/var/nbbuild/build.m_i386.netbsd-5.2_STABLE/obj/var/.ourfs/netbsd/520p/src/sys/arch/i386/compile/HOME_SERVER
 i386
Architecture: i386
Machine: i386
>Description:
        pkgsrc/security/openssh/files/sshd.sh not support ed25519 key,
        so show the error message 
        "error: Could not load host key: /usr/pkg/etc/ssh/ssh_host_ed25519_key" 
        each time sshd forked.

>How-To-Repeat:
        install pkgsrc/security/openssh and start it by
        /usr/pkg/share/examples/rc.d/sshd
>Fix:

Index: files/sshd.sh
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/files/sshd.sh,v
retrieving revision 1.13
diff -u -b -r1.13 sshd.sh
--- files/sshd.sh       17 May 2011 03:26:52 -0000      1.13
+++ files/sshd.sh       21 May 2014 03:33:15 -0000
@@ -50,6 +50,14 @@
                ${keygen_command} -t ecdsa -f 
@PKG_SYSCONFDIR@/ssh_host_ecdsa_key -N ''
        fi
 /* HAVE_ECDSA_STOP */
+/* HAVE_ED25519_START */
+       if [ -f @PKG_SYSCONFDIR@/ssh_host_ed25519_key ]; then
+               @ECHO@ "You already have a ED25519 host key in 
@PKG_SYSCONFDIR@/ssh_host_ed25519_key"
+               @ECHO@ "Skipping protocol version 2 ED25519 Key Generation"
+       else
+               ${keygen_command} -t ed25519 -f 
@PKG_SYSCONFDIR@/ssh_host_ed25519_key -N ''
+       fi
+/* HAVE_ED25519_STOP */
        )
 }
 
@@ -58,7 +66,8 @@
        if [ ! -f @PKG_SYSCONFDIR@/ssh_host_key -o \
             ! -f @PKG_SYSCONFDIR@/ssh_host_dsa_key -o \
             ! -f @PKG_SYSCONFDIR@/ssh_host_rsa_key -o \
-            ! -f @PKG_SYSCONFDIR@/ssh_host_ecdsa_key ]; then
+            ! -f @PKG_SYSCONFDIR@/ssh_host_ecdsa_key -o \
+            ! -f @PKG_SYSCONFDIR@/ssh_host_ed25519_key ]; then
                if [ -f /etc/rc.subr -a -f /etc/rc.conf -a -f /etc/rc.d/DAEMON ]
                then
                        run_rc_command keygen

Prev by Date: Re: pkg/48823 (building xtrs on big endian arch's fails; requires var to be set)
Next by Date: Re: pkg/48823 (building xtrs on big endian arch's fails; requires var to be set)
Previous by Thread: PR/48823 CVS commit: pkgsrc/mk
Next by Thread: pkg/48830: libreoffice4-4.2.2.1 build screwed by ruby211-2.1.1's tcl-8.5.15nb1 build
Indexes:

Home | Main Index | Thread Index | Old Index